code-projects Client Details System update-clients.php sql injection
CVE-2023-7141

9.8CRITICAL

Key Information:

Vendor: code-projects
Status: Client Details System
Vendor: CVE Published:; 29 December 2023

🔔 Create code-projects Vulnerability Alert

What is CVE-2023-7141?

A vulnerability in the Client Details System version 1.0 allows for SQL injection through improper handling of input in the /admin/update-clients.php file. An attacker can manipulate the 'uid' argument, potentially leading to unauthorized access or exposure of sensitive information. This issue has been made public, raising concerns about its exploitation in vulnerable installations.